IOC Radar
IPMediumSignal 55/100

168.187.5.210

Location
KuwaitKuwait
Salwá, Al Asimah
ASN
AS42781
Kuwait Electronic and Messaging Services Company
First Seen
Oct 14, 2024
Last Seen
May 31, 2026
Oct 14
First Seen
610d ago
May 31
Last Seen
16d ago
16
Reports
source reports
55%
Confidence
medium
9/91
VirusTotal
detections
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

39 techniques

Network Information

CountryKWKuwait
RegionSalwá, Al Asimah
ASNAS42781
OrganizationKuwait Electronic and Messaging Services Company

Feed Intelligence Summary

16 reports55% confidence
16
Source reports
55%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningaptattackbad reputationbad web botbecblog spambotnetbotnet activitybrute forcebrute force attackbrute-forcecommand and controlcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftdata exfiltrationdata store exposureddosddos attackdenial of servicedistributed attacksevasive techniquesexploitation activityexploited hostftp brute-forcehackinghashidentity & access exploitationimapimap attackinfrastructure acquisitionreconnaissanceinjection activitykuwaitkwmalicious activitymalicious softwaremalwaremalware distributionnetworkpassword attacksphishingphishing attackphishing e-mailphishing emailprocess injectionproxyreconnaissanceresearchedscannersecurity policysmtpsmtp attackersocial engineeringsophisticated phishing attackspamsql injectionsshssh attackt1003t1003.001t1021t1021.002t1055t1071.001t1078t1078.001t1110.001t1110.002t1110.003t1110.004t1189t1190t1192t1203t1204t1204.001t1486t1496t1499.001t1499.002t1499.003t1534t1565t1566t1566.001t1566.002t1566.003t1566.004t1587.001t1588t1588.002t1590.001t1595.001t1595.002t1595.003t1598t1598.003targeting databasethreat actorthreat preventiontor nodeweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 31May 31

Threat Activity Heatmap

· Peak: 2026-05-31
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
16
Reports
First seenOct 14, 2024
Last seenMay 31, 2026
GeolocationKW
CountryKuwait
LocationSalwá, Al Asimah
ASNAS42781
OrgKuwait Electronic and Messaging Services Company
Coords29.3780, 47.9751

VirusTotal

9/ 91vendors flagged
10% detection rateJun 7, 2026

WHOIS

raw
inetnum: 168.187.0.0 - 168.187.255.255 netname: KEMS-KW org: ORG-GI9-RIPE descr: Kuwait Electronic and Messaging Services Company descr: PO Box No 31811111 descr: Safat, kw 13036 country: KW admin-c: Gn1519-RIPE tech-c: AGN2331-RIPE status: LEGACY remarks: tech support: [email protected] descr: security: [email protected] descr: SPAM: [email protected] mnt-by: GNET-NET-168-187-MNT mnt-lower: GNET-NET-168-187-MNT mnt-lower: GNET-NET-168-187-170-MNT mnt-routes: GNET-NET-168-187-MNT created: 2003-07-22T13:48:41Z last-modified: 2019-12-04T13:12:57Z source: RIPE organisation: ORG-GI9-RIPE org-name: Gulfnet International org-type: OTHER address: Block-A, Floor7, Souk Al-Kabeer P.O. box 3623 Safat 13037 Kuwait City State of Kuwait mnt-ref: GNET-NET-168-187-MNT mnt-by: GNET-NET-168-187-MNT created: 2006-11-25T13:32:04Z last-modified: 2007-01-02T10:34:48Z source: RIPE # Filtered person: Chaudhary Shakeel address: Gulfnet International phone: +965 22984303 nic-hdl: AGN2331-RIPE mnt-by: GNET-AS6412-MNT created: 2006-02-16T21:12:06Z last-modified: 2020-06-16T13:51:47Z source: RIPE person: Gulf net address: Gulfnet International phone: +9651823823 nic-hdl: Gn1519-RIPE mnt-by: GNET-AS6412-MNT created: 2006-08-20T13:19:52Z last-modified: 2025-02-23T09:19:09Z source: RIPE route: 168.187.0.0/18 descr: Kuwait Electronic and Messaging Services Company origin: AS6412 mnt-by: GNET-NET-168-187-MNT created: 2012-01-25T11:29:39Z last-modified: 2012-01-25T11:29:39Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 16 days ago
Appeared in 16 threat reports